sca-policy message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [sca-policy] Suggested wording for issue 32
- From: Mike Edwards <mike_edwards@uk.ibm.com>
- To: OASIS Policy <sca-policy@lists.oasis-open.org>
- Date: Wed, 3 Dec 2008 11:53:42 +0000
Ashok,
I'm just not getting this proposal -
I'd appreciate some help in understanding what it really means.
So the new proposal has 2 intents:
serverAuthentication
mutualAuthentication
- and it sounds as if mutualAuthentication
includes serverAuthentication - true?
Can you give me an idea of some examples
of concrete policies that these would turn into for common
communication protocols such as Web
services or JMS?
I can see plenty of support for clients
to deliver authentication data to servers (WS-Security mechanisms
for example) but the support for client
authentication of servers is less clear to me. And the tying together
of the two implied by "mutualAuthentication"
does not seem obvious from the concrete mechanisms that
I find in WS-Security.
Yours, Mike.
Strategist - Emerging Technologies, SCA & SDO.
Co Chair OASIS SCA Assembly TC.
IBM Hursley Park, Mail Point 146, Winchester, SO21 2JN, Great Britain.
Phone & FAX: +44-1962-818014 Mobile: +44-7802-467431
Email: mike_edwards@uk.ibm.com
From:
| ashok malhotra <ashok.malhotra@oracle.com>
|
To:
| OASIS Policy <sca-policy@lists.oasis-open.org>
|
Date:
| 02/12/2008 21:28
|
Subject:
| [sca-policy] Suggested wording for issue
32 |
On the Nov 24 telcon we agreed to resolve issue 32
by replacing the
current "authentication" intent by two intents,
one that specifies server authentication by the client (similar to the
current intent) and the other specifies mutual authentication.
The suggested changes are in the attached file. In addition to
replacing the single intent by 2 intents, a number of editorial changes
are needed in the examples, etc.
--
All the best, Ashok
[attachment "Changes for issue 32.doc" deleted by Mike Edwards/UK/IBM]
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number
741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6
3AU
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]